Advisor, Information Security, Governance and Risk Management
Job Overview
Job title: Advisor, Information Security, Governance and Risk Management
Job description: Our culture lifts you up—there is no ego in the way. Our common purpose? We all want to win for our customers. We aim to always be evolving, dynamic, and ambitious. We believe in the power of genuine connections. Each employee is a part of what makes us unique on the market: agile and dedicated.
Time Type: Regular
Job Description :
Job Description Summary:
This position is primarily responsible for operationalizing and maintaining the Third Party Risk Management (TPRM) program, including coordination and execution of activities to ensure risk assessments are performed for critical third parties throughout the organization. A secondary function will be to support other GRC activities such as the risk assessment process and governance functions at Cogeco.
The Information Security Advisor establishes and maintains relationships with the business owners to identify third parties, provide information regarding potential risks to the business information and content assets, and support review of contracts and implementation of riders. In addition, works with relevant groups to leverage assessments, performs risk assessments, identifies requirements, implements policies and procedures, and maintains an inventory of critical third parties.
Key Responsibilities:
Help maintain the TPRM framework and processes;
Assess and monitor TPRM lifecycle activities (risk assessment & due diligence, contract negotiation, ongoing monitoring and termination), providing TPRM guidance to relationship owners and partners;
Update TPRM procedures and risk rating methodology periodically with risk management best practices;
Prepare third-party risk reports;
Establish good peer relationships and encourage collaboration;
Identify and build relationships with stakeholders throughout Cogeco and with suppliers;
Help develop and maintain a TPRM playbook;
Monitor and assess performance to ensure compliance with TPRM, regulatory requirements and service level agreements;
Organize the collection of required artifacts (e.g. SOC reports, audited financials) from suppliers regularly;
Work with the business owners to document appropriate corrective action plans to reduce identified risks;
Collect supporting documentation for external audit requests;
Support the greater risk management function;
Such other activities as may be assigned by your manager.
Minimum Qualifications:
Business analysis and relationship management experience;
Basic understanding of fundamental security concepts (application security; user access; perimeter protection principles, network communication).
Preferred Qualifications:
1-2 years of experience conducting assessments or technical reviews to analyze risk (specific to third party risk role);
Experience with information security programs, audits, controls, assessments, risk assessments, or remediation management (specific to Security Governance, Risk & Compliance role);
Relevant information security certifications (Security+, etc).
Location : Montréal, QC
Company : Cogeco Communications Inc.
At Cogeco, we know that different backgrounds, perspectives, and beliefs can bring critical value to our business. The strength of this diversity enhances our ability to imagine, innovate, and grow as a company. So, we are committed to doing everything in our power to create a more diverse and inclusive world of belonging.
By creating a culture where all our colleagues can bring their best selves to work, we’re doing our part to build a more equitable workplace and world. From professional development to personal safety, Cogeco constantly strives to create an environment that welcomes and nurtures all. We make the health and well-being of our colleagues one of our highest priorities, for we know engaged and appreciated employees equate to a better overall experience for our customers.
If you need any accommodations to apply or as part of the recruitment process, please contact us confidentially at
Company: Cogeco
Expected salary:
Location: Montreal, QC
Job date: Mon, 03 Oct 2022 06:20:08 GMT
Job Source: Careerjet.ca